719ba6e1ffc43e8bc09325caa5ccce24dc0a93751e67c17ce758acaf2d81d594

Sharing

Copy URL

Twitter E-mail

General

Target

719ba6e1ffc43e8bc09325caa5ccce24dc0a93751e67c17ce758acaf2d81d594
Size

693KB
MD5

cb5a934cafbdb302fc503e93a160402b
SHA1

d2fbb8741e68d8d830cc88ae7b5bd36d66f2a1d0
SHA256

719ba6e1ffc43e8bc09325caa5ccce24dc0a93751e67c17ce758acaf2d81d594
SHA512

c5ff66d67ccbe8b73b5f9cbc75144729f736685f99f2f9db33ff2a4ba7ac7f46b9841655765bcb1ce158bfac6ce329bc95e9bb0a46ce99701a1e5fc32baa3e9a
SSDEEP

12288:meFXXG9yBtBiK35wp6679474tsrl63Drl9F/leRsTXXceengue7X5zFdSFShn3dh:meNW9w314u563g8DeczTDV73

Score

N/A

Malware Config

Signatures

Files

719ba6e1ffc43e8bc09325caa5ccce24dc0a93751e67c17ce758acaf2d81d594
.rar
HashTab-V6.3 完美汉化版/HashTab32.dll
.dll regsvr32 windows x86

245d4dfbd2cb11d1e3ff0c1c1bea465f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
LoadLibraryExW
LoadResource
SizeofResource
GlobalLock
GlobalUnlock
lstrcmpiW
FindResourceW
MultiByteToWideChar
GetFileSize
ReadFile
CreateThread
CreateFileW
GetFileSizeEx
CloseHandle
FindResourceExW
LockResource
VerSetConditionMask
Sleep
GetCurrentThreadId
GlobalAlloc
LoadLibraryA
VerifyVersionInfoW
EncodePointer
GetThreadLocale
SetThreadLocale
SetThreadUILanguage
GetModuleHandleW
GetModuleHandleA
QueryPerformanceFrequency
SetEndOfFile
WriteConsoleW
SetStdHandle
ReadConsoleW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
LeaveCriticalSection
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
FindClose
GetModuleFileNameW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
WriteFile
FlushFileBuffers
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetFileType
GetStdHandle
GetACP
GetModuleFileNameA
GetModuleHandleExW
ExitProcess
InterlockedFlushSList
RtlUnwind
GetCPInfo
GetLocaleInfoW
LCMapStringW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetStringTypeW
WideCharToMultiByte
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoW
EnterCriticalSection
LoadLibraryW
GetCommandLineA
GetProcAddress
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
OutputDebugStringA
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
LoadLibraryExA
VirtualFree
VirtualAlloc
IsProcessorFeaturePresent
FlushInstructionCache
GetCurrentProcess
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
OutputDebugStringW
IsDebuggerPresent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
SetLastError
GetLastError
RaiseException
DecodePointer

user32

PostMessageW
CharNextW
GetMessagePos
ShowWindow
UnregisterClassW
SendMessageW
ChangeClipboardChain
SetClipboardViewer
GetComboBoxInfo
GetParent
OffsetRect
InflateRect
CopyRect
GetSysColor
MapWindowPoints
ScreenToClient
ClientToScreen
GetCursorPos
ReleaseDC
GetDC
GetSystemMetrics
GetCapture
GetFocus
SetWindowPos
DestroyWindow
IsWindow
CreateWindowExW
CallWindowProcW
DefWindowProcW
RegisterWindowMessageW
EndDialog
GetMonitorInfoW
MonitorFromPoint
DestroyIcon
SetWindowLongW
GetWindowLongW
MessageBoxIndirectW
MessageBoxW
GetClientRect
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
InsertMenuItemW
TrackPopupMenu
DestroyMenu
CreatePopupMenu
EnableWindow
GetKeyState
GetActiveWindow
EmptyClipboard
GetClipboardData
SetClipboardData
CloseClipboard
OpenClipboard
GetDlgCtrlID
SetDlgItemTextW
GetDlgItem
DialogBoxParamW

gdi32

GetTextExtentExPointW
GetTextExtentPoint32W
SelectObject

shell32

ShellExecuteW
DragQueryFileW

ole32

CoTaskMemRealloc
CoTaskMemFree
ReleaseStgMedium
RegisterDragDrop
RevokeDragDrop
CoCreateInstance
StringFromGUID2
CoTaskMemAlloc

oleaut32

UnRegisterTypeLi
SysFreeString
SysStringLen
VarUI4FromStr
LoadTypeLi
LoadRegTypeLi
RegisterTypeLi
SysAllocString

advapi32

RegDeleteValueA
RegQueryValueExW
RegSetValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
RegSetValueExA
RegQueryValueExA

shlwapi

PathIsDirectoryW
PathFindFileNameW
PathFileExistsW
PathRemoveFileSpecW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 614KB - Virtual size: 613KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 173KB - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 428B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 181KB - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HashTab-V6.3 完美汉化版/HashTab64.dll
.dll regsvr32 windows x64

8a508e9932d08d142416515dfda0f89b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

QueryActCtxW
EnterCriticalSection
LeaveCriticalSection
FreeLibrary
GetModuleHandleW
GetProcAddress
LoadLibraryExW
LoadResource
SizeofResource
GlobalLock
GlobalUnlock
lstrcmpiW
FindResourceW
MultiByteToWideChar
GetFileSize
ReadFile
CreateThread
CreateFileW
GetFileSizeEx
CloseHandle
FindResourceExW
LockResource
VerSetConditionMask
Sleep
GetCurrentThreadId
GlobalAlloc
VerifyVersionInfoW
EncodePointer
GetThreadLocale
SetThreadLocale
SetThreadUILanguage
LoadLibraryW
GetModuleHandleExW
QueryPerformanceFrequency
SetEndOfFile
WriteConsoleW
SetStdHandle
ReadConsoleW
FreeEnvironmentStringsW
FindActCtxSectionStringW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
FindClose
GetModuleFileNameW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
WriteFile
FlushFileBuffers
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetFileType
GetStdHandle
GetACP
GetModuleFileNameA
ExitProcess
InterlockedFlushSList
RtlUnwindEx
RtlPcToFileHeader
GetCPInfo
GetLocaleInfoW
LCMapStringW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetStringTypeW
WideCharToMultiByte
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoW
IsProcessorFeaturePresent
DeactivateActCtx
ActivateActCtx
GetEnvironmentStringsW
CreateActCtxW
TerminateProcess
SetUnhandledExceptionFilter
OutputDebugStringA
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
LoadLibraryExA
VirtualFree
VirtualAlloc
FlushInstructionCache
GetCurrentProcess
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
OutputDebugStringW
IsDebuggerPresent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
SetLastError
GetLastError
RaiseException
DecodePointer

user32

DestroyIcon
SendMessageW
UnregisterClassW
SetClipboardViewer
ChangeClipboardChain
PostMessageW
CharNextW
GetMessagePos
GetComboBoxInfo
GetParent
OffsetRect
InflateRect
CopyRect
GetSysColor
MapWindowPoints
ScreenToClient
ClientToScreen
GetCursorPos
ReleaseDC
GetDC
GetSystemMetrics
GetCapture
GetFocus
SetWindowPos
DestroyWindow
ShowWindow
CreateWindowExW
CallWindowProcW
DefWindowProcW
RegisterWindowMessageW
EndDialog
GetMonitorInfoW
MonitorFromPoint
IsWindow
SetWindowLongPtrW
GetWindowLongPtrW
SetWindowLongW
MessageBoxIndirectW
MessageBoxW
GetClientRect
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
InsertMenuItemW
TrackPopupMenu
DestroyMenu
CreatePopupMenu
EnableWindow
GetKeyState
GetActiveWindow
EmptyClipboard
GetClipboardData
SetClipboardData
CloseClipboard
OpenClipboard
GetDlgCtrlID
SetDlgItemTextW
GetDlgItem
DialogBoxParamW

gdi32

GetTextExtentExPointW
GetTextExtentPoint32W
SelectObject

shell32

DragQueryFileW
ShellExecuteW

ole32

StringFromGUID2
CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
ReleaseStgMedium
RegisterDragDrop
RevokeDragDrop

oleaut32

SysAllocString
LoadRegTypeLi
SysFreeString
SysStringLen
VarUI4FromStr
UnRegisterTypeLi
RegisterTypeLi
LoadTypeLi

advapi32

RegSetValueExA
RegQueryValueExA
RegDeleteValueA
RegQueryValueExW
RegSetValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey

shlwapi

PathFileExistsW
PathIsDirectoryW
PathFindFileNameW
PathRemoveFileSpecW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 645KB - Virtual size: 645KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 311KB - Virtual size: 310KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 388B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 181KB - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HashTab-V6.3 完美汉化版/卸载HashTab.bat
HashTab-V6.3 完美汉化版/启用HashTab.bat

Sharing

General

Malware Config

Signatures

Files

245d4dfbd2cb11d1e3ff0c1c1bea465f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

oleaut32

advapi32

shlwapi

Exports

Exports

Sections

.text Size: 614KB - Virtual size: 613KB

.rdata Size: 173KB - Virtual size: 173KB

.data Size: 30KB - Virtual size: 39KB

.tls Size: 512B - Virtual size: 9B

.gfids Size: 512B - Virtual size: 428B

.rsrc Size: 181KB - Virtual size: 181KB

.reloc Size: 42KB - Virtual size: 41KB

8a508e9932d08d142416515dfda0f89b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

oleaut32

advapi32

shlwapi

Exports

Exports

Sections

.text Size: 645KB - Virtual size: 645KB

.rdata Size: 311KB - Virtual size: 310KB

.data Size: 36KB - Virtual size: 48KB

.pdata Size: 38KB - Virtual size: 37KB

.gfids Size: 512B - Virtual size: 388B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 181KB - Virtual size: 181KB

.reloc Size: 12KB - Virtual size: 11KB

.text
Size: 614KB - Virtual size: 613KB

.rdata
Size: 173KB - Virtual size: 173KB

.data
Size: 30KB - Virtual size: 39KB

.tls
Size: 512B - Virtual size: 9B

.gfids
Size: 512B - Virtual size: 428B

.rsrc
Size: 181KB - Virtual size: 181KB

.reloc
Size: 42KB - Virtual size: 41KB

.text
Size: 645KB - Virtual size: 645KB

.rdata
Size: 311KB - Virtual size: 310KB

.data
Size: 36KB - Virtual size: 48KB

.pdata
Size: 38KB - Virtual size: 37KB

.gfids
Size: 512B - Virtual size: 388B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 181KB - Virtual size: 181KB

.reloc
Size: 12KB - Virtual size: 11KB